Everyone wants to learn how to buy Bitcoin. Unfortunately, not everyone is as concerned about the safety of their investment and what steps to take before and after they buy Bitcoin to keep it secure.

As Bitcoin is still in the early stages of becoming adopted by the masses, the technologies and software used to buy Bitcoin and keep it safe are somewhat difficult to use for the average consumer.

So instead of just talking about getting rich from Bitcoin, moon, lambo, and all the other fun but ultimately useless memes that have circulated in the space, we’re here to provide you with expert-approved, step-by-step instructions on how to buy Bitcoin and store it securely.

And while we won’t use this post to go through the ins and outs of blockchain technology, we are here to guide you—safely—on your journey from buying your first digital asset to turning into a long-term holder (or if you prefer, HODLer).

[It’s important to note that we are not providing investment advice in any way, and are not suggesting that you should or shouldn’t invest in Bitcoin or other digital assets.]

There are three stages to owning Bitcoin or any other digital assets.

  1. Stage 1: Signing up with an exchange to buy Bitcoin or other digital assets
  2. Stage 2: Trading Bitcoin or other digital assets on one or multiple exchanges
  3. Stage 3: Storing Bitcoin or other digital assets for the short- and long-term

For each stage of the digital asset buying, trading, or storing cycle, there are different protections you should be considering in order to keep your accounts safe, and ensure the safety of your Bitcoin and other digital assets.

In this post, we’ll focus on Stage 1: Signing up with an exchange to buy Bitcoin or other digital assets, but be sure to check back when we post Stages 2 (click here) and 3, which will also be updated and added to this post.

Wait, What’s Bitcoin?

So, you’ve been hearing about Bitcoin for too long, and your FOMO (fear of missing out) is kicking it.

You’re ready to get in on the action.

Before you even consider adding any money into Bitcoin or any other digital asset, you should DYOR (do your own research). Bitcoin wasn’t intended to be a get rich quick scheme. You should have a basic understanding of what blockchain technology is and how digital assets fit in before you pour your money into something that is completely alien to you.

There are millions of resources online to learn from—Google and YouTube will be your friend during your Bitcoin journey.

[*Watches 100 YouTube videos and reads 100 Blockchain articles*]

Is your research done? Do you feel confident that you’re ready to get involved? Then let’s go!

Whether you’re investing $10, $10,000, or $10,000,000, there are a few terms you should understand before you buy to keep your digital assets safe.

How to Buy Bitcoin Safely in Six Steps

Learning how to buy Bitcoin for the first time is easy, right? Technically. But if you want your Bitcoin to remain your Bitcoin you need to follow these simple but critical safety steps before you purchase.

How to buy Bitcoin safely in six steps:

  1. Use a secure WiFi connection
  2. Choose an exchange
  3. Check for phishing
  4. Use a password manager
  5. Enable 2FA (two-factor authentication)
  6. Buy Bitcoin

Step One: Use a secure WiFi connection

Use Secure WiFi

Step one is also security checkpoint number one: are you using a secure WiFi connection?

In order to keep this organized, let’s look at this through the lens of a public WiFi (e.g. coffee shop WiFi or Hotel WiFi) versus private WiFi (e.g. home or office).

Rules to keeping your Bitcoin safe using public WiFi:

  • Under no circumstances should you use an unsecured WiFi connection (e.g. public WiFi) to buy Bitcoin or access exchanges or wallets.
  • If you want to access exchanges or wallets on a public WiFi, you must use a VPN (virtual private network).
  • Once you choose and enable your VPN, you can comfortably access accounts using a public WiFi.

Don’t believe us? This guy had $117,000 worth of Bitcoin stolen by a hacker after logging in to his Bitcoin accounts using a public WiFi connection.

Even if you’re using a secured WiFi network like the one at your home or office, there are a few things you can do to ensure the safety of your online activity.

Rules to keeping your Bitcoin safe using private WiFi:

  • Use a strong (unique, complex) password for your home WiFi network
  • Afraid you’ll lose it or forget it? Save it to a password manager, and you can securely share it with family members, roommates, or guests.
  • How old is your router? Older routers adhere to older security protocols. Make sure your router adheres to the newest and most secure protocol: WPA2 (learn more about WPA2 vs. other protocols).
  • If you don’t trust your ISP (Internet Service Provider), you can use a VPN on your home network for an additional layer of trust/security.

Once you’re connected to a secure WiFi connection, boot up the ole’ internet and get to researching which exchange you want to sign up for to buy Bitcoin.

Step Two: Choose an exchange

Choose an Exchange

You’re going to want to create an account with an exchange that allows you to on-ramp into Bitcoin using fiat money (fiat money is government-backed money like the US Dollar or the Euro).

Many people like to get started by using Coinbase or Gemini, and Robinhood just created an app for Bitcoin buying that has fiat on-ramping.

Step Three: Check for phishing

Check for Phishing

Here is your second security checkpoint:

  • Is the URL for the exchange exactly correct?
  • Is there an ‘https’ indicating a secure site before the URL?

Beware of spoofed sites, as they can phish you, steal your credentials, and thus take control of your digital assets.

Don’t believe us? This Ukrainian Bitcoin phishing ring stole over $50 million by funneling unsuspecting users via Google Ads to spoofed websites for Bitcoin wallet software.

If the URL is legitimate, create a bookmark folder in your browser labeled ‘Bitcoin’ and save the URL there. Only access the exchange through that bookmark to help avoid phishing.

The same goes for mobile apps—make sure the Bitcoin exchange or wallet app you’re downloading is verified and not a copy-cat.

Great, now you’re ready to create your account.

Step Four: Use a password manager

Use a Password Manager

Signing up is your third security checkpoint:

  • For all intents and purposes, signing up for an exchange is similar to signing up for a bank—this account will have access to your bank account and/or credit cards, Bitcoin, and other digital assets.
  • Because of that, you need a strong, unique password for each exchange that you sign up for.
  • If you don’t already use one, we highly recommend using a password manager.
  • Using your password manager, you can generate strong, unique passwords easily, and those passwords are stored securely and can be accessed (only by you) anytime from a computer, tablet, or phone.
  • Eliminating password reuse across your sensitive accounts is mission critical. Every password that you reuse expands your attack surface for hackers and weakens your security.

Don’t believe us? Coinbase has an insurance policy to protect its users’ accounts and fiat assets up to $250,000. However, “This insurance policy does not cover any losses resulting from the compromise of your individual Coinbase account. It is your responsibility to use a strong password and maintain control of all login credentials.”

Now that you’re signed in and your account is protected with a strong password, you’ve reached security checkpoint number four (and step five).

Step Five: Enable 2FA (two-factor authentication)

Enable 2FA

It’s critical that the first thing you do when you log in to a new exchange is enable 2FA (two-factor authentication). Every legitimate exchange allows for 2FA, and there is no scenario where you should skip this step.

Because most exchanges are connected through your email address, you should be using 2FA on your email accounts as well. (In fact, we recommend 2FA on all sensitive accounts, not just your Bitcoin ones).

*Important to note:

  • Before you connect your device to the exchange via 2FA, you are given a 2FA secret key that can be used to forego 2FA in a scenario where your mobile device is stolen, lost, or even upgraded (e.g. you buy a new phone) and you need access to your account—it’s imperative that you store those secret keys carefully, preferably written down offline and stored in a safe.
  • Already connected 2FA but forgot to write down your secret key? Don’t fret. Sign-in to the exchange using your existing 2FA app. Once you are 100% logged into your account, you can disable 2FA, delete it from your app, and then re-enable it immediately thereafter. When you re-enable 2FA, you’ll be given a new 2FA secret key and a new QR code to scan into your 2FA app. Write down the secret key and be on your merry way. Keep in mind: some exchanges disable withdrawals for 24 hours (or more) following the disabling of 2FA.

2FA requires you to use a second factor of authentication every time you sign in, and most exchanges will also require you to use 2FA for any withdrawal or trade—so make sure you have your phone on you if you want to buy, sell, or move your digital assets.

Most exchanges work with the Google Authenticator app (for iPhone or Android). We do not recommend using SMS as a means of 2FA, as it is easier for a hacker to gain access to your text messages than it is for them to gain access to your physical device which stores the Authenticator app.

Don’t believe us? This guy lost $8,000 worth of Bitcoin in 15 minutes because he used SMS 2FA. Not impressed? Using SMS 2FA cost this guy millions.

You enable 2FA by simply scanning the QR code (after you’ve written down your 2FA secret key) that’s displayed on your computer with your Google Authenticator app.

Step Six: Buy Bitcoin

Buy Bitcoin

Now that your account has the highest levels of protections, you’re ready to add fiat money to your account and buy Bitcoin or any other digital assets that you desire.

The process for on-ramping fiat money from your bank or credit card usually requires two steps, depending on the exchange:

  1. KYC (Know Your Customer) verification – this can include a number of different things, from taking a selfie to taking a picture of your driver’s license – all in the name of verifying your identity for financial institutions. Learn more about why KYC exists here.
  2. Connecting your bank or credit card – this is the same as connecting your credit card or bank to your Venmo account. If your account is secured with a strong password and 2FA, adding your credit card or bank information to your account is safe.

With your bank or credit card connected, you are free and ready to buy and sell Bitcoin (BTC), Ethereum (ETH), Monero (XMR), or any other digital asset that your exchange of choice supports.

Don’t forget to check back for our upcoming posts:


*Before we sign off, a short rant for those who are new to buying Bitcoin and other digital assets

Remember, you don’t need to buy one full Bitcoin—what that means, for example, is that one Bitcoin might be valued at $10,000, but that doesn’t mean you need to buy a minimum of $10,000 worth of Bitcoin. You can buy any amount that you desire, and own that amount in Bitcoin. In that scenario, if you were to buy $5,000 worth of Bitcoin, you would own 0.5 BTC, and if you were to buy $500 worth of Bitcoin, you would own 0.05 BTC.

Instead of looking at the price-per-coin (which can be artificially deflated or inflated depending on the total supply), an easy way to gauge the true market value of a digital asset is to look at its market cap—which can be found on sites like coinmarketcap.com.

It is your responsibility, and your responsibility alone, to do your DD (due diligence) and determine which digital asset you want to buy.


Ready to download a password manager and keep your Bitcoin accounts safe? Look no further—Dashlane is the password manager you need. Download it for free here.